]> git.ipfire.org Git - thirdparty/glibc.git/commitdiff
projects / thirdparty / glibc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e053e7c)
x86/cet: Add -fcf-protection=none before -fcf-protection=branch
authorH.J. Lu <hjl.tools@gmail.com>
Mon, 1 Jan 2024 15:55:18 +0000 (07:55 -0800)
committerH.J. Lu <hjl.tools@gmail.com>
Tue, 19 Aug 2025 22:39:23 +0000 (15:39 -0700)
When shadow stack is enabled, some CET tests failed when compiled with
GCC 14:

FAIL: elf/tst-cet-legacy-4
FAIL: elf/tst-cet-legacy-5a
FAIL: elf/tst-cet-legacy-6a

which are caused by

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113039

These tests use -fcf-protection -fcf-protection=branch and assume that
-fcf-protection=branch will override -fcf-protection.  But this GCC 14
commit:

https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1c6231c05bdcca

changed the -fcf-protection behavior such that

-fcf-protection -fcf-protection=branch

is treated the same as

-fcf-protection

Use

-fcf-protection -fcf-protection=none -fcf-protection=branch

as the workaround.  This fixes BZ #31187.

Tested with GCC 13 and GCC 14 on Intel Tiger Lake.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
(cherry picked from commit b5dcccfb12385ee492eb074f6beb9ead56b5e5fd)

sysdeps/x86/Makefile patch | blob | blame | history

diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile
index d751eaedf48fb4bf6f40afe87a9c4176f4d3edb6..2bd7e358e5374db26133f3f27b4703faf151691e 100644 (file)
--- a/sysdeps/x86/Makefile
+++ b/sysdeps/x86/Makefile
@@ -213,12 +213,12 @@ modules-names += \
   tst-cet-legacy-mod-6c \
 # modules-names
 
-CFLAGS-tst-cet-legacy-2.c += -fcf-protection=branch
+CFLAGS-tst-cet-legacy-2.c += -fcf-protection=none -fcf-protection=branch
 CFLAGS-tst-cet-legacy-2a.c += -fcf-protection
 CFLAGS-tst-cet-legacy-mod-1.c += -fcf-protection=none
 CFLAGS-tst-cet-legacy-mod-2.c += -fcf-protection=none
 CFLAGS-tst-cet-legacy-3.c += -fcf-protection=none
-CFLAGS-tst-cet-legacy-4.c += -fcf-protection=branch
+CFLAGS-tst-cet-legacy-4.c += -fcf-protection=none -fcf-protection=branch
 CPPFLAGS-tst-cet-legacy-4a.c += -DCET_IS_PERMISSIVE=1
 CFLAGS-tst-cet-legacy-4a.c += -fcf-protection
 CFLAGS-tst-cet-legacy-4b.c += -fcf-protection
@@ -229,7 +229,7 @@ CPPFLAGS-tst-cet-legacy-5a.c += -DCET_IS_PERMISSIVE=1
 endif
 CFLAGS-tst-cet-legacy-5b.c += -fcf-protection -mshstk
 CPPFLAGS-tst-cet-legacy-5b.c += -DCET_DISABLED_BY_ENV=1
-CFLAGS-tst-cet-legacy-mod-5a.c += -fcf-protection=branch
+CFLAGS-tst-cet-legacy-mod-5a.c += -fcf-protection=none -fcf-protection=branch
 CFLAGS-tst-cet-legacy-mod-5b.c += -fcf-protection
 CFLAGS-tst-cet-legacy-mod-5c.c += -fcf-protection
 CFLAGS-tst-cet-legacy-6a.c += -fcf-protection -mshstk
@@ -238,7 +238,7 @@ CPPFLAGS-tst-cet-legacy-6a.c += -DCET_IS_PERMISSIVE=1
 endif
 CFLAGS-tst-cet-legacy-6b.c += -fcf-protection -mshstk
 CPPFLAGS-tst-cet-legacy-6b.c += -DCET_DISABLED_BY_ENV=1
-CFLAGS-tst-cet-legacy-mod-6a.c += -fcf-protection=branch
+CFLAGS-tst-cet-legacy-mod-6a.c += -fcf-protection=none -fcf-protection=branch
 CFLAGS-tst-cet-legacy-mod-6b.c += -fcf-protection
 CFLAGS-tst-cet-legacy-mod-6c.c += -fcf-protection
 CFLAGS-tst-cet-legacy-7.c += -fcf-protection=none
A mirror of the official glibc repository